What work does "individually" do in this last sentence? Can 2 evil services collaborate (or more realistically 2 non-evil services get breached) to extract part of the secret? What is the mechanism keeping me from setting up n realms and extracting secrets from their shared info?
Yes, that is the work "individually" is doing here – multiple realms (services) could collude to combine shards and attempt to extract secrets.
However, programmable HSMs, with verifiable software (e.g. via a key ceremony), minimize this form of collusion. The shards they hold can't be extracted by a malicious operator, at least without substantial effort (requiring HSM hardware vulnerabilities).
